Click here to Skip to main content
15,867,771 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
DataTable checktitle = DatabaseLayer.Retrive("select * from CourseTable where Title =" + subjecttitletbox.Text.Trim() + "");

           if (checktitle != null)
           {
               if (checktitle.Rows.Count > 0)
               {

                   MessageBox.Show("Already Exist!");
                   subjecttitletbox.Focus();
                   subjecttitletbox.SelectAll();
                   return;
               }

           }


What I have tried:

i have tried the above code this code is correct but not working
if anyone have another method please guid me
language C#
Visual studio 2017
thank you
Posted
Updated 11-Jun-21 1:28am
Comments

1 solution

Shouldn't there be some single quotes in that select?
C#
DataTable checktitle = DatabaseLayer.Retrive("select * from CourseTable where Title ='" + subjecttitletbox.Text.Trim() + "'");
Using string concatenation leaves you open to SQL injection by the way. If you used parameterized queries this problem would probably not have happened in the first place.

Unfortunately, I don't know what your Retrive method does. If it was me writing this, I would pass a list of parameters into a Retrieve method and make that method build the parameter list
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900